
Call for AH-MD5 and ESP-DES to move forward



> From: Ran Atkinson <rja@cisco.com>
> %  B) Since RFC-1828 and RFC-1829 are more than ready to go to Draft
> %     Standard, but interoperability of Sensitivity Labels has not been
> %     demonstrated, by RFC-1602 we MUST remove Sensitivity Labels from our
> %     official WG documents.
>
> RFC-1828 and RFC-1829 are NOT ready to go to Draft Standard.  In

Why not?  After all, they have the implementations required by
RFC-1602, page 14:

         A specification from which at least two independent and
         interoperable implementations have been developed, and for
         which sufficient successful operational experience has been
         obtained, may be elevated to the "Draft Standard" level.

We have existence proof that the specifications are specified with
sufficient clarity to be implemented internationally!


> fact, they CANNOT go to Draft Standard because RFC-1825 through RFC-1827
> are not ready to move forward.
>
RFC-1825 through -1827 are only advanceable by experience on -1828 and
RFC-1829 -- not the other way around!  The former are dependent on
implementations of the latter.

And you did promise revisions to your RFCs which have not appeared.
But, that shouldn't stop the forward progress of the others....


> Further, RFC-1829 is known to be vulnerable to active attacks.
>
I do not understand.  I have seen no new references to attacks on
RFC-1829 mentioned on this list since the RFCs were published.

The only attack that I am aware of is that described to us by Steve
Bellovin last April.  It is clearly referenced in the Security
Considerations section, as is the use of AH to prevent the attack.

Are you now substituting your personal judgement for both WG consensus
and IETF consensus?


> % Then, you have not followed the Standards Process in RFC-1602.  The time
> % for updating them is upon us.
>
> False.  We are NOT required to move them forward at the first opportunity
> to do so.  There is no process violation in waiting until things are
> ready to move forward.
>
Why should they wait for other (tardy) drafts, on which advancement they
are not dependent?

The implementors desire an expeditious and stable specification.

And yes, delaying the Standards Process indefinitely is a process
violation in and of itself.  That's one of the reasons we have target
times, in both Standards Process and the WG Charter....

Is it your personal position that only WG Chair(s) (the royal "We") are
"permitted" to ask the WG for an advance on the standards track, and the
rest of us must patiently await their pleasure?

Bill.Simpson@um.cc.umich.edu
          Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2